InfoWorld: And how much is that going through lines of business and how much does the CIO know about?

Moorman: Well, I think you're right. There is a lot of ... so-called rogue IT that is happening out there. But this is a fact of life for CIOs.

InfoWorld: But lines of business didn't have this particular option before.

Moorman: They did not. But there's no stopping that, and the long tail of applications that exist in a business are going to explode. And IT departments are really built to run five core applications that run a company. There are going to be hundreds of applications in businesses that run those companies, and IT departments are going to have to respond to that. And there's no question in my mind that public services are going to be part of it.

InfoWorld: What are you hearing from CIOs in how they manage "rogue IT" with this cloud option? And do you have any recommendation for CIOs in how they should look at that?

Moorman: I actually think CIOs are just now getting on top of it. A lot of them know what's happening and they're trying to get their arms around it, but they're not succeeding. I think they need to get proactive. They need to realize that it's real and it's happening and they need to view themselves as enablers to allow the company to get that extra productivity that's coming from all these applications that are getting built.

InfoWorld: What sort of controls can a CIO put in place to make sure no one is duplicating effort or creating security problems, that sort of thing?

Moorman: I think what they need to figure out is -- how do we handle all the requests around the most sensitive data so no one is compelled to put that on cloud service? But otherwise, let people run. A public promotional website creates no corporate risk. If you're going to run a Super Bowl ad and want to put a complementary website up, there's really no corporate risk in doing something like that, and they should let business units go get that done and not wait in a big long queue with the IT department to make that happen.

But what they should say is -- if you want to do something with critical data, we will be very responsive to you and we will help you get that done in a way that makes sense. So people aren't compelled to do it with the most critical data. So they've got to start thinking about being a service provider.

InfoWorld: What about applications that may be more core to the business, but they want to use a public cloud provider?

Moorman: I would say the more likely scenario is that those core applications start to get disassembled. So instead of having a monolithic ERP system with ten modules, companies are moving more to service-oriented architecture and are saying, look, we might use Salesforce for CRM, we might use Service-Now for ticketing. These big monolithic stacks are getting disassembled and piece by piece they're going to move to the cloud.

InfoWorld: Talk to me about OpenStack. The Holy Grail is the idea that when you need to you can burst and you can manage that external resource as if it were of a piece with internal resources. Would you say OpenStack is part of that journey?

Moorman: We launched OpenStack about nine months ago, and I truly believe it's one of the fastest, most successful open source projects in history. The amount of interest, the amount of corporate sponsorship, the amount of enterprise interest is just unbelievable. The idea of an open source project that allows them to increase the agility of their own internal infrastructure, but then also have the promise of a cloud that looks and acts and feels and can be federated in Rackspace, in Internap, in Korea Telecom, you know, this is a very exciting prospect for companies -- the ability to go find capacity around the world. It's early days. The code is in good shape, but it's got a long way to go to be out-of-the-box turnkey for people and really simple to get going, but it's getting there.